Finding and fixing vulnerabilities in information systems the vulnerability assessment & mitigation methodology
Understanding an organization's reliance on information systems and how to mitigate the vulnerabilities of these systems can be an intimidating challenge--especially when considering less well-known weaknesses or even unknown vulnerabilities that have not yet been exploited. The authors, unders...
Main Author: | |
---|---|
Format: | eBook |
Language: | English |
Published: |
Santa Monica, CA
Rand
2003, 2003
|
Series: | Rand note
|
Subjects: | |
Online Access: | |
Collection: | JSTOR Open Access Books - Collection details see MPG.ReNa |
Table of Contents:
- Introduction
- Concepts and definitions
- VAM methodology and other DoD practices in risk assessment
- Vulnerability attributes of system objects
- Direct and indirect security techniques
- Generating security options for vulnerabilities
- Automating and executing the methodology: a spreadsheet tool
- Next steps and discussion
- Summary and conclusions
- Appendix: Vulnerability to mitigation map values
- Includes bibliographical references